On 3/3/22 7:39 PM, Pavel Begunkov wrote: > On 3/4/22 02:19, Jens Axboe wrote: >> On 3/3/22 6:52 PM, Pavel Begunkov wrote: >>> On 3/3/22 16:31, Jens Axboe wrote: >>>> On 3/3/22 7:40 AM, Jens Axboe wrote: >>>>> On 3/3/22 7:36 AM, Jens Axboe wrote: > [...] >>>> >>>> diff --git a/fs/io_uring.c b/fs/io_uring.c >>>> index ad3e0b0ab3b9..8a1f97054b71 100644 >>>> --- a/fs/io_uring.c >>>> +++ b/fs/io_uring.c >>> [...] >>>> static void *io_uring_validate_mmap_request(struct file *file, >>>> loff_t pgoff, size_t sz) >>>> { >>>> @@ -10191,12 +10266,23 @@ SYSCALL_DEFINE6(io_uring_enter, unsigned int, fd, u32, to_submit, >>>> io_run_task_work(); >>>> if (unlikely(flags & ~(IORING_ENTER_GETEVENTS | IORING_ENTER_SQ_WAKEUP | >>>> - IORING_ENTER_SQ_WAIT | IORING_ENTER_EXT_ARG))) >>>> + IORING_ENTER_SQ_WAIT | IORING_ENTER_EXT_ARG | >>>> + IORING_ENTER_REGISTERED_RING))) >>>> return -EINVAL; >>>> - f = fdget(fd); >>>> - if (unlikely(!f.file)) >>>> - return -EBADF; >>>> + if (flags & IORING_ENTER_REGISTERED_RING) { >>>> + struct io_uring_task *tctx = current->io_uring; >>>> + >>>> + if (fd >= IO_RINGFD_REG_MAX || !tctx) >>>> + return -EINVAL; >>>> + f.file = tctx->registered_rings[fd]; >>> >>> btw, array_index_nospec(), possibly not only here. >> >> Yeah, was thinking that earlier too in fact but forgot about it. Might >> as well, though I don't think it's strictly required as it isn't a user >> table. > > I may have missed in what cases it's used, but shouldn't it be > in all cases when we use a user passed index for array addressing? > e.g. to protect from pre-caching a chunk of memory computed from > an out-of-array malevolent index > > I just don't see any relevant difference from normal file tables Indeed, I guess it's the indexing that matters, not the table itself. I'll make the edit. -- Jens Axboe
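Review bot: in the IORING_ENTER_REGISTERED_RING branch, fd is taken straight from the syscall argument and the load tctx->registered_rings[fd] follows the fd >= IO_RINGFD_REG_MAX check with nothing that constrains the index under speculation. Clamp it between the check and the load, for example fd = array_index_nospec(fd, IO_RINGFD_REG_MAX);, and give the same treatment to any other site that indexes registered_rings with a user-supplied value. Separately, an out-of-range index on this path returns -EINVAL where the removed fdget() path returned -EBADF for a bad descriptor; the commit message or documentation should state which error callers get in each mode.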
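The clamp discussed in this thread, as an added example that is not taken from the patch or the kernel tree: a userspace model of a branch-free index mask placed between the bounds check and the table load. The helper names, the table element type and the value 16 for IO_RINGFD_REG_MAX are assumptions made for the demo.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

#define BITS_PER_LONG (sizeof(unsigned long) * CHAR_BIT)
#define IO_RINGFD_REG_MAX 16UL	/* assumed value for this demo */

/*
 * All ones if index < size, zero otherwise, computed without a branch.
 * Modelled on the kernel's generic array_index_mask_nospec(), rewritten
 * with an unsigned shift and a negate so it is well defined in ISO C.
 * Requires size <= LONG_MAX.
 */
static unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
	unsigned long top;

	/* Hide the value from the optimizer (GCC/Clang extension) so the
	 * mask is not folded away using the caller's earlier bounds check. */
	__asm__ __volatile__("" : "+r"(index));
	top = ~(index | (size - 1UL - index)) >> (BITS_PER_LONG - 1);
	return 0UL - top;
}

/* In-range indexes pass through unchanged, out-of-range ones become 0. */
static unsigned long index_nospec(unsigned long index, unsigned long size)
{
	return index & index_mask_nospec(index, size);
}

/* Hypothetical stand-in for the per-task table in the patch. */
static const void *registered_rings[IO_RINGFD_REG_MAX];

/* Lookup shaped like the hunk: bounds check, clamp, then load. */
static const void *ring_lookup(unsigned int fd)
{
	if (fd >= IO_RINGFD_REG_MAX)
		return NULL;	/* architectural check, may be mispredicted */
	fd = (unsigned int)index_nospec(fd, IO_RINGFD_REG_MAX);
	return registered_rings[fd];	/* load address now depends on the mask */
}

int main(void)
{
	printf("clamp(15)=%lu clamp(16)=%lu clamp(~0)=%lu\n",
	       index_nospec(15, IO_RINGFD_REG_MAX),
	       index_nospec(16, IO_RINGFD_REG_MAX),
	       index_nospec(~0UL, IO_RINGFD_REG_MAX));
	return ring_lookup(16) != NULL;
}
```

Because the mask is a data dependency of the load address rather than a branch outcome, a mispredicted bounds check can at worst read slot 0 of the table, which is the point made above that the indexing matters and not which table is being indexed.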